JP2018514030A5 - - Google Patents
Download PDFInfo
- Publication number
- JP2018514030A5 JP2018514030A5 JP2017550703A JP2017550703A JP2018514030A5 JP 2018514030 A5 JP2018514030 A5 JP 2018514030A5 JP 2017550703 A JP2017550703 A JP 2017550703A JP 2017550703 A JP2017550703 A JP 2017550703A JP 2018514030 A5 JP2018514030 A5 JP 2018514030A5
- Authority
- JP
- Japan
- Prior art keywords
- substring
- input
- character
- value
- count value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 150000003839 salts Chemical class 0.000 claims 3
- 239000011780 sodium chloride Substances 0.000 claims 3
Claims (11)
サーバ上でuserID値およびフルセキュリティストリングを含むユーザアカウントを作成するステップであって、前記フルセキュリティストリングが第1の文字で始まる、ステップと、
その後、
前記userIDを前記サーバに提供することと、
前記サーバから前記userIDに関連付けられた文字カウント値を受信することであって、前記文字カウント値が、前記コンピューティングデバイスの現在のコンテキストに基づくパスワード強度に対応する、受信することと、
ユーザから入力を受信することであって、前記入力が、前記第1の文字で始まる前記フルセキュリティストリングの中の連続する文字のサブセットからなる、受信することと、
前記入力の中の文字数が前記文字カウント値に等しいとき、前記入力を前記サーバに提供することとによって、
前記ユーザアカウントにアクセスするステップと
を備える方法。 A method for verifying a user's security credentials on a computing device, comprising:
Creating a user account on the server that includes a userID value and a full security string, wherein the full security string begins with a first character;
after that,
Providing the userID to the server;
Receiving a character count value associated with the userID from the server, wherein the character count value corresponds to a password strength based on a current context of the computing device;
Receiving input from a user, wherein the input consists of a subset of consecutive characters in the full security string starting with the first character;
Providing the input to the server when the number of characters in the input is equal to the character count value;
Accessing the user account.
ユーザからユーザ識別情報およびフルセキュリティストリングを受信するステップであって、前記フルセキュリティストリングが第1の文字で始まる、ステップと、
複数のサブストリングを生成するステップであって、前記複数のサブストリングの各々が、前記第1の文字で始まる前記フルセキュリティストリングの中の連続する文字のサブセットからなり、前記複数のサブストリングの各々が、パスワード強度値および文字カウント値に関連付けられる、ステップと、
前記クライアントから前記アクセス要求を受信するステップであって、前記アクセス要求が前記ユーザ識別情報を含む、ステップと、
前記ユーザ識別情報および前記クライアントの現在のコンテキストに少なくとも部分的に基づいて、前記複数のサブストリングのうちの1つを決定するステップと、
前記複数のサブストリングのうちの前記1つに関連付けられた前記文字カウント値を前記クライアントに提供するステップと、
前記クライアントから入力サブストリングを受信するステップであって、前記入力サブストリングの長さが前記文字カウント値に対応する、ステップと、
前記入力サブストリングを検証するステップと、
前記入力サブストリングが有効である場合に前記アクセス要求を許可するステップと、
前記入力サブストリングが無効である場合に前記アクセス要求を拒否するステップと
を備える方法。 A method for validating an access request received from a client, comprising:
Receiving user identification information and a full security string from a user, the full security string starting with a first character;
Generating a plurality of substrings, each of the plurality of substrings comprising a subset of consecutive characters in the full security string beginning with the first character, wherein each of the plurality of substrings Is associated with a password strength value and a character count value, and
Receiving the access request from the client, wherein the access request includes the user identification information;
Determining one of the plurality of substrings based at least in part on the user identity and the current context of the client;
Providing the client with the character count value associated with the one of the plurality of substrings;
Receiving an input substring from the client, wherein a length of the input substring corresponds to the character count value;
Validating the input substring;
Granting the access request if the input substring is valid;
Rejecting the access request if the input substring is invalid.
前記入力サブストリングを前記ソルト値と組み合わせるステップであって、前記入力サブストリングと前記ソルト値の前記組合せに対して前記サブストリングハッシュコードが決定される、ステップと
をさらに備える、請求項5に記載の方法。 Determining a salt value based at least in part on the user identification information;
6. The step of combining the input substring with the salt value, wherein the substring hash code is determined for the combination of the input substring and the salt value. the method of.
前記メモリに動作可能に結合され、
サーバ上でuserID値およびフルセキュリティストリングを含むユーザアカウントを作成することであって、前記フルセキュリティストリングが第1の文字で始まる、作成することと、
前記userID値を提供した後に、前記サーバから文字カウント値を受信することであって、前記文字カウント値が、必要とされるパスワード強度に対応する、受信することと、
前記userID値および前記文字カウント値に等しい長さのサブストリングを提供することによって前記ユーザアカウントにアクセスすることであって、前記サブストリングが、前記第1の文字で始まる前記フルセキュリティストリングの中の連続する文字のサブセットを含む、アクセスすることと
を行うように構成された少なくとも1つのプロセッサと
を備える装置。 Memory,
Operably coupled to the memory;
Creating a user account on the server that includes a userID value and a full security string, wherein the full security string begins with a first character;
Receiving a character count value from the server after providing the userID value, wherein the character count value corresponds to a required password strength;
Accessing the user account by providing a substring of length equal to the userID value and the character count value, wherein the substring in the full security string begins with the first character And at least one processor configured to access, including a subset of consecutive characters.
前記装置についてのコンテキスト情報を決定することであって、前記必要とされるパスワード強度が前記コンテキスト情報に少なくとも部分的に基づく、決定することと、
前記コンテキスト情報、前記userID値、および前記サブストリングを提供することによって前記ユーザアカウントにアクセスすることと
を行うように構成される、請求項7に記載の装置。 The at least one processor is:
Determining context information about the device, wherein the required password strength is based at least in part on the context information;
8. The apparatus of claim 7 , configured to access the user account by providing the context information, the userID value, and the substring.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/673,561 US10091188B2 (en) | 2015-03-30 | 2015-03-30 | Accelerated passphrase verification |
US14/673,561 | 2015-03-30 | ||
PCT/US2016/022564 WO2016160333A1 (en) | 2015-03-30 | 2016-03-16 | Accelerated passphrase verification |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2018514030A JP2018514030A (en) | 2018-05-31 |
JP2018514030A5 true JP2018514030A5 (en) | 2018-10-18 |
JP6453486B2 JP6453486B2 (en) | 2019-01-16 |
Family
ID=55637490
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2017550703A Expired - Fee Related JP6453486B2 (en) | 2015-03-30 | 2016-03-16 | Accelerated passphrase verification |
Country Status (6)
Country | Link |
---|---|
US (1) | US10091188B2 (en) |
EP (2) | EP3300333A1 (en) |
JP (1) | JP6453486B2 (en) |
KR (1) | KR101977672B1 (en) |
CN (1) | CN107431624B (en) |
WO (1) | WO2016160333A1 (en) |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10116441B1 (en) * | 2015-06-11 | 2018-10-30 | Amazon Technologies, Inc. | Enhanced-security random data |
WO2018100682A1 (en) * | 2016-11-30 | 2018-06-07 | 株式会社オプティム | COMPUTER SYSTEM, IoT DEVICE MONITORING METHOD, AND PROGRAM |
US10681037B2 (en) * | 2017-06-29 | 2020-06-09 | Amadeus S.A.S. | Terminal authentication |
US11036780B2 (en) * | 2018-03-08 | 2021-06-15 | Ebay Inc. | Automatic lot classification |
WO2020159533A1 (en) * | 2019-02-01 | 2020-08-06 | Hewlett-Packard Development Company, L.P. | Security credential derivation |
US11343672B2 (en) | 2019-02-20 | 2022-05-24 | Coretigo Ltd. | Secure communication encryption and decryption mechanism in a wireless communication system |
US11240227B2 (en) * | 2019-06-10 | 2022-02-01 | Microsoft Technology Licensing, Llc | Partial pattern recognition in a stream of symbols |
US11178135B2 (en) | 2019-06-10 | 2021-11-16 | Microsoft Technology Licensing, Llc | Partial pattern recognition in a stream of symbols |
US11258783B2 (en) | 2019-06-10 | 2022-02-22 | Microsoft Technology Licensing, Llc | Authentication with random noise symbols and pattern recognition |
US20200389443A1 (en) * | 2019-06-10 | 2020-12-10 | Microsoft Technology Licensing, Llc | Authentication with random noise symbols and pattern recognition |
US11736472B2 (en) | 2019-06-10 | 2023-08-22 | Microsoft Technology Licensing, Llc | Authentication with well-distributed random noise symbols |
US11496457B2 (en) | 2019-06-10 | 2022-11-08 | Microsoft Technology Licensing, Llc | Partial pattern recognition in a stream of symbols |
US11514149B2 (en) | 2019-06-10 | 2022-11-29 | Microsoft Technology Licensing, Llc | Pattern matching for authentication with random noise symbols and pattern recognition |
CN110489466B (en) * | 2019-07-03 | 2023-09-08 | 平安证券股份有限公司 | Method and device for generating invitation code, terminal equipment and storage medium |
US11394551B2 (en) | 2019-07-17 | 2022-07-19 | Microsoft Technology Licensing, Llc | Secure authentication using puncturing |
US11133962B2 (en) | 2019-08-03 | 2021-09-28 | Microsoft Technology Licensing, Llc | Device synchronization with noise symbols and pattern recognition |
US11258779B2 (en) * | 2020-01-14 | 2022-02-22 | Cisco Technology, Inc. | Wireless LAN (WLAN) public identity federation trust architecture |
US11423160B2 (en) | 2020-04-16 | 2022-08-23 | Bank Of America Corporation | System for analysis and authorization for use of executable environment data in a computing system using hash outputs |
US11528276B2 (en) * | 2020-04-16 | 2022-12-13 | Bank Of America Corporation | System for prevention of unauthorized access using authorized environment hash outputs |
US11425123B2 (en) | 2020-04-16 | 2022-08-23 | Bank Of America Corporation | System for network isolation of affected computing systems using environment hash outputs |
US11481484B2 (en) | 2020-04-16 | 2022-10-25 | Bank Of America Corporation | Virtual environment system for secure execution of program code using cryptographic hashes |
EP3901926A1 (en) * | 2020-04-21 | 2021-10-27 | Deutsche Post AG | Validation method and apparatus for identification documents |
CN111797285A (en) * | 2020-06-30 | 2020-10-20 | 深圳壹账通智能科技有限公司 | Character string fuzzy matching method, device, equipment and readable storage medium |
US11625477B2 (en) * | 2020-08-13 | 2023-04-11 | Capital One Services, Llc | Automated password generation |
US11657142B2 (en) | 2021-05-12 | 2023-05-23 | Micro Focus Llc | Stateless password manager |
CN113806730B (en) * | 2021-09-18 | 2024-03-08 | 北京安天网络安全技术有限公司 | Method, system, equipment and medium for inputting security password |
US20230198978A1 (en) * | 2021-12-22 | 2023-06-22 | Mcafee, Llc | Deterministic hash to secure personal data and passwords |
Family Cites Families (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3829355B2 (en) * | 1996-04-09 | 2006-10-04 | 松下電器産業株式会社 | User verification device |
JP2002091921A (en) * | 2000-09-20 | 2002-03-29 | Nippon Telegraph & Telephone East Corp | Method and device for authentication |
AU2003293125A1 (en) * | 2002-11-27 | 2004-06-23 | Rsa Security Inc | Identity authentication system and method |
US7299359B2 (en) * | 2003-04-23 | 2007-11-20 | Apple Inc. | Apparatus and method for indicating password quality and variety |
US7886345B2 (en) | 2004-07-02 | 2011-02-08 | Emc Corporation | Password-protection module |
US8145912B2 (en) | 2005-03-01 | 2012-03-27 | Qualcomm Incorporated | System and method for using a visual password scheme |
US8046827B2 (en) * | 2007-06-12 | 2011-10-25 | Francisco Corella | Access control of interaction context of application |
US8386461B2 (en) | 2008-06-16 | 2013-02-26 | Qualcomm Incorporated | Method and apparatus for generating hash mnemonics |
US8131738B2 (en) * | 2008-12-30 | 2012-03-06 | International Business Machines Corporation | Search engine service utilizing hash algorithms |
US8495715B2 (en) | 2009-02-23 | 2013-07-23 | Oracle International Corporation | Techniques for credential auditing |
JP5289152B2 (en) * | 2009-04-14 | 2013-09-11 | 三菱電機株式会社 | Biometric authentication device and biometric authentication system |
CN101902461B (en) * | 2010-04-07 | 2013-01-30 | 北京星网锐捷网络技术有限公司 | Method and device for filtering data stream contents |
US8832807B1 (en) | 2010-08-05 | 2014-09-09 | Christine E. Kuo | Method and apparatus for asynchronous dynamic password |
KR101459255B1 (en) | 2011-03-14 | 2014-11-07 | 퀄컴 인코포레이티드 | Hybrid networking master passphrase |
US9471772B2 (en) | 2011-06-01 | 2016-10-18 | Paypal, Inc. | Password check by decomposing password |
US8869305B1 (en) * | 2011-09-22 | 2014-10-21 | Symantec Corporation | Systems and methods for implementing password-protection policies based on physical locations of mobile devices |
JP2013131164A (en) * | 2011-12-22 | 2013-07-04 | Internatl Business Mach Corp <Ibm> | Information processing device having lock function and program for executing lock function |
US8613066B1 (en) | 2011-12-30 | 2013-12-17 | Amazon Technologies, Inc. | Techniques for user authentication |
CN102693380A (en) * | 2012-05-07 | 2012-09-26 | 李良 | Password authentication method |
US8756677B2 (en) * | 2012-05-30 | 2014-06-17 | Google Inc. | Variable-strength security based on time and/or number of partial password unlocks |
US9245107B2 (en) | 2012-12-21 | 2016-01-26 | Paypal, Inc. | Systems and methods for determining a strength of a created credential |
US20140189885A1 (en) * | 2012-12-27 | 2014-07-03 | Microsoft Corporation | Permitting a user access to password protected data |
US9135427B2 (en) | 2013-01-30 | 2015-09-15 | Arris Technology, Inc. | Authentication using a subset of a user-known code sequence |
US9654479B2 (en) * | 2013-02-28 | 2017-05-16 | Apple Inc. | Private discovery of electronic devices |
JP6393282B2 (en) * | 2014-01-31 | 2018-09-19 | マクセル株式会社 | Mobile terminal device |
US9390242B2 (en) * | 2014-02-07 | 2016-07-12 | Bank Of America Corporation | Determining user authentication requirements based on the current location of the user being within a predetermined area requiring altered authentication requirements |
US9348989B2 (en) * | 2014-03-06 | 2016-05-24 | International Business Machines Corporation | Contemporaneous gesture and keyboard entry authentication |
-
2015
- 2015-03-30 US US14/673,561 patent/US10091188B2/en not_active Expired - Fee Related
-
2016
- 2016-03-16 KR KR1020177027347A patent/KR101977672B1/en active IP Right Grant
- 2016-03-16 EP EP17199146.6A patent/EP3300333A1/en not_active Withdrawn
- 2016-03-16 WO PCT/US2016/022564 patent/WO2016160333A1/en active Application Filing
- 2016-03-16 EP EP16712164.9A patent/EP3278528B1/en not_active Not-in-force
- 2016-03-16 CN CN201680015472.1A patent/CN107431624B/en not_active Expired - Fee Related
- 2016-03-16 JP JP2017550703A patent/JP6453486B2/en not_active Expired - Fee Related
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP2018514030A5 (en) | ||
US10700861B2 (en) | System and method for generating a recovery key and managing credentials using a smart blockchain contract | |
US10411907B2 (en) | Secure remote user authentication leveraging public key cryptography and key splitting | |
JP6555073B2 (en) | Set-based biometric authentication to protect privacy | |
JP6410798B2 (en) | User authentication | |
WO2016078182A1 (en) | Authorization method, device and system for sensitive data | |
US9438590B2 (en) | Privacy preserving biometric authentication based on error correcting codes | |
US20170086069A1 (en) | System and Method of Authentication by Leveraging Mobile Devices for Expediting User Login and Registration Processes Online | |
WO2019200799A1 (en) | Short message verification code pushing method, electronic device and readable storage medium | |
US11563724B1 (en) | System and method for allowing access to an application or features thereof on each of one or more user devices | |
US11057372B1 (en) | System and method for authenticating a user to provide a web service | |
JP2015521766A5 (en) | ||
US10755237B2 (en) | Method for creating, registering, revoking authentication information and server using the same | |
WO2014012476A1 (en) | Method and system of login authentication | |
US11477190B2 (en) | Dynamic user ID | |
KR101818601B1 (en) | Method for providing identity verification using card base on near field communication, card, verification terminal, verification support server and identity verification server using the same | |
WO2016010643A1 (en) | Method and system for password setting and authentication | |
WO2013170822A2 (en) | Method and device for processing password for logging into server | |
CN102354354A (en) | Information fingerprint technique based picture password generation and authentication method | |
CN106487752A (en) | A kind of method and apparatus for authentication-access safety | |
RU2016130455A (en) | METHOD AND SYSTEM FOR DETERMINING WHETHER THE USER IS A HUMAN | |
US20180317085A1 (en) | Device authentication | |
WO2017185683A1 (en) | Authentication method and authentication system based on biological identification information, and electronic device | |
KR101420160B1 (en) | Variable password generation method and internet authentication system using the same | |
CA2904646A1 (en) | Secure authentication using dynamic passcode |